Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

RepoInit Configuration is not able to set ACL: read permission of a system user in AEM As a Cloud Service

Avatar

Avatar
Validate 1
Level 1
shivanigarg111
Level 1

Likes

0 likes

Total Posts

4 posts

Correct Reply

0 solutions
Top badges earned
Validate 1
View profile

Avatar
Validate 1
Level 1
shivanigarg111
Level 1

Likes

0 likes

Total Posts

4 posts

Correct Reply

0 solutions
Top badges earned
Validate 1
View profile
shivanigarg111
Level 1

15-04-2021

Hi,

 

I am having one config "org.apache.sling.jcr.repoinit.RepositoryInitializer" and in that I am trying to set 

"set ACL for test-user \r\nallow jcr:read on /libs/dam/content". While deploying the changes in local, it gets deployed easily, but when I deploy this config with my codebase in AEM AACS Server,  it says

[Apache Sling Repository Startup Thread #1] com.adobe.granite.repository.impl.SlingRepositoryManager Exception in a SlingRepositoryInitializer, SlingRepository service registration aborted java.lang.RuntimeException: Failed to set ACL (java.lang.UnsupportedOperationException: This builder is read-only.) AclLine ALLOW {paths=[/libs/dam/content], privileges=[jcr:read]} at org.apache.sling.jcr.repoinit.impl.AclVisitor.setAcl(AclVisitor.java:64) [org.apache.sling.jcr.repoinit:1.1.28] at org.apache.sling.jcr.repoinit.impl.AclVisitor.visitSetAclPrincipal(AclVisitor.java:85) [org.apache.sling.jcr.repoinit:1.1.28]

 

To summerize, The issue is while cloud manager deploy my codebase with the repoinit config, it fails at deploy to dev step and says I can't set read access to /libs hierarchy. Ideally AEM says I can do that at the time of deployment, but not at the runtime

By seeing the below document, it feels like it should work because I am expecting it to set this permission at deployment time.

shivanigarg111_0-1618544020728.png

 

View Entire Topic

Avatar

Avatar
Affirm 100
Level 10
asutosh_jena
Level 10

Likes

404 likes

Total Posts

502 posts

Correct Reply

137 solutions
Top badges earned
Affirm 100
Ignite 1
Establish
Give Back 50
Give Back 5
View profile

Avatar
Affirm 100
Level 10
asutosh_jena
Level 10

Likes

404 likes

Total Posts

502 posts

Correct Reply

137 solutions
Top badges earned
Affirm 100
Ignite 1
Establish
Give Back 50
Give Back 5
View profile
asutosh_jena
Level 10

15-04-2021

Hi @shivanigarg111 

 

I tried with the below script and getting a different error though.

create service user test-user
set ACL on /libs/dam/content
allow jcr:read for test-user
end

Error:

INFO: Adding ACL 'allow' entry '[jcr:read]' for [test-user] on [/libs/dam/content]

ERROR: Failed to set ACL (javax.jcr.PathNotFoundException: Cannot set ACL on non-existent path /libs/dam/content) AclLine ALLOW {principals=[test-user], privileges=[jcr:read]} 

 

Debugging further. Will keep posted if I find anything.

 

Thanks!